What you’ll be doing...

Senior technical subject matter expert for Corporate Information Security (CIS) - Security Technical Integration Services (STIS) providing industry leading expertise in the areas of Internet of Things (IoT) and embedded system security. This technical subject matter expert will leverage current knowledge of embedded systems, software, sensors, and network connectivity to assess security posture.

Further, the role responsibilities will include consulting and providing security guidance related to the use of IoT in wireless sensor networks, control systems, automation, and machine-to-machine (M2M) platforms using a variety of operating systems and applications either deployed or under development in Verizon.

The Associate Fellow role will also oversee identifying new and unique vectors associated with potential network, device, or protocol weaknesses and opportunities to recommend and adopt security controls to minimize risk. Monitor and manage security awareness of all things IoT, including the networking backend, infrastructure, and protocols. Assist with developing and revising policy associated with IoT and embedded systems.

Develop new patterns and approaches related to advanced signatures and identifying potential intrusions, vulnerabilities, and Indicators of Compromise (IOC) related to embedded systems; this will include assessing across processor/controller, software, I/O and network stacks.

Represent Verizon internally and externally as an IoT security expert; participating industry governance bodies related to IoT and embedded system security and best practices; and author published materials/white papers related to industry developments. Further, Initiate and foster external peer relationships for cyber security knowledge and thought sharing; infuse new ideas and approaches back into the VZ CIS organization to drive innovation.

Key Tasks and Responsibilities:

  • Act as the primary expert to provide guidance and define security strategy related to IoT and embedded systems/platforms
  • Ensure IoT security strategy aligns with overall corporate security policy and security architecture
  • Primary security lead to consult and assess enterprise IoT solutions and outline associated risk and recommended controls
  • Advisory role to CIO and CISO on security matters relating to IoT and embedded system design and highlight trends that will shape strategy
  • Subject matter expertise on IoT architecture and protocols
  • Champion IoT security strategy across Verizon lines of business; consult with existing IoT product and development teams to provide security expertise
  • Senior advisor for work efforts related to IoT and embedded system deployments across Verizon
  • Thought leadership and collaboration for adapting to new cyber security approaches based on industry trends and adapting to evolving security threats; act as technology partner to inject knowledge and recommendations into STIS roadmaps and architecture to remain relevant.
  • Keep abreast of industry trends, emerging risks, and legal and regulatory changes, and participate in industry forums
  • Influence and provide consulting and guidance during yearly corporate policy reviews following accepted best practices in security, and changes in threat vectors
  • Develop best practice technical security requirements that reduce risk based on expert knowledge in technology and security controls. Provide technical assessment and risk review of new product and influence corporate leaders to address compliance remediation through control implementation
  • Build strategic partnerships across CISO, IT, business, Legal, Product, and Network organizations to evangelize security strategy and drive to common standards and solutions
  • Recommend policy positions to a broad base of users - from senior leadership to front line employees.
  • Be capable of facilitating forums to define policies, standards, and/or controls
  • Build strategic partnership with ISO leaders to advise on future state problems and challenges in IoT security space
  • Work with the business to understand needs at a technical level; partner with the Security Architecture team to design solutions based on needs for the business; support other CIS team activities based on needs; participate in evaluation and recommendation of new technologies and processes as needed
  • Conduct security architecture reviews on proposed and existing IoT and embedded technology and provide constructive feedback
  • Ad hoc support and execution of information security investigations as needed

What we’re looking for...

You’ll need to have:

  • Bachelor’s Degree or six or more years of work experience.
  • Six or more years of relevant work experience.
  • Experience in security.

Even better if you have:

  • Bachelor's degree in technology or security discipline.
  • 7+ years of working in security related roles.
  • 5+ years of operating in senior security technical roles.
  • 3+ years of experience with IoT and embedded technology.
  • Experience with mobile and wireless technologies.
  • Expert knowledge of IoT protocols.
  • Experience with one or more of the following IoT verticals: environmental monitoring, infrastructure management, manufacturing, energy management, medical and healthcare systems, building and home automation, transportation, smart technologies, smart grid, and smart cities, ubiquitous computing, or data distribution services.
  • Skilled in software development (C, Java, Python, Perl) and IP networking.
  • Experience with penetration testing, malware reverse engineering, forensics, and data correlation methods.
  • Experience designing, developing, and recommending integrated security systems that will ensure proprietary/confidential data and systems are protected.
  • Ability to work across different divisions, organizations, and leadership chains to influence change.
  • Expert knowledge of external security policies and frameworks, this includes: federal and private industry privacy legislation and standards, cross-border transfer requirements, and policy frameworks that include NIST Cybersecurity Framework.
  • Ability to draft security policies, standards, procedures and other forms of documentation related to IoT and embedded systems.
  • Strong verbal and written communication skills, proven experience effectively communicating upwards, laterally, and downward.
  • Competent in advanced communication skills involving the ability to translate complex, technical security concepts to executive and business oriented audiences.
  • Demonstrated ability to perform critical analysis and develop executive decision support content related to security programs and topics.
  • Highly motivated, entrepreneurial, and attracted to challenging opportunities coupled with inherent curiosity and desire for continuous learning.
  • Demonstrates strong problem solving, analytical, interpersonal, and ownership skills.
  • Ability to work in a fast-paced environment where organizational skills are essential.
  • Excellent collaboration skills with a wide variety of internal team members; applies diplomacy where needed to establish effective working relationships.
  • Operates with integrity and accountability.
  • Ability to manage highly complex security programs with little to no management oversight, CISM or related certification is a strong plus..

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.